Lucene search
K

251 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:50 p.m.5 views

CVE-2020-8134

Server-side request forgery SSRF vulnerability in Ghost CMS 3.10.0 allows an attacker to scan local or external network or otherwise interact with internal systems...

8.1CVSS6.6AI score0.0122EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:45 a.m.8 views

CVE-2019-6516

An issue was discovered in WSO2 Dashboard Server 2.0.0. It is possible to force the application to perform requests to the internal workstation port-scanning and to perform requests to adjacent workstations network-scanning, aka SSRF...

5.8CVSS6.9AI score0.0139EPSS
Exploits0References1
NVD
NVD
added 2025/05/19 4:15 p.m.14 views

CVE-2025-4876

ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to extract a hardcoded AES decryption key via reverse engineering. This key is embedded in plaintext within the binary and used in cryptographic operations without dynamic key management. Once obtained t...

6CVSS0.0009EPSS
Exploits1References1
OSV
OSV
added 2025/05/19 4:15 p.m.2 views

CVE-2025-4876

ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to extract a hardcoded AES decryption key via reverse engineering. This key is embedded in plaintext within the binary and used in cryptographic operations without dynamic key management. Once obtained t...

4.4CVSS5.8AI score0.0009EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/19 4:4 p.m.17 views

CVE-2025-4876 Hardcoded Key Revealed in ConnectWise Password Encryption Utility

ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to extract a hardcoded AES decryption key via reverse engineering. This key is embedded in plaintext within the binary and used in cryptographic operations without dynamic key management. Once obtained t...

6CVSS0.0009EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2025/04/29 7:2 p.m.202 views

Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

CVE-2025-32433Erlang-OTP This script is a custom security too...

10CVSS8.7AI score0.97673EPSS
Exploits36
RedhatCVE
RedhatCVE
added 2025/03/22 1:7 p.m.5 views

CVE-2024-10457

Multiple Server-Side Request Forgery SSRF vulnerabilities were identified in the significant-gravitas/autogpt repository, specifically in the GitHub Integration and Web Search blocks. These vulnerabilities affect version agpt-platform-beta-v0.1.1. The issues arise when block inputs are controlled...

6.5CVSS7.3AI score0.00525EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/20 4:8 p.m.6 views

CVE-2025-30114

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device Pairing can occur. The pairing mechanism relies solely on the connecting device's MAC address. By obtaining the MAC address through network scanning and spoofing it, an attacker can bypass the...

9.1CVSS7.7AI score0.00417EPSS
Exploits0References1
NVD
NVD
added 2025/03/20 10:15 a.m.3 views

CVE-2024-10457

Multiple Server-Side Request Forgery SSRF vulnerabilities were identified in the significant-gravitas/autogpt repository, specifically in the GitHub Integration and Web Search blocks. These vulnerabilities affect version agpt-platform-beta-v0.1.1. The issues arise when block inputs are controlled...

6.5CVSS0.00525EPSS
Exploits0References2
OSV
OSV
added 2025/03/20 10:15 a.m.5 views

CVE-2024-10457

Multiple Server-Side Request Forgery SSRF vulnerabilities were identified in the significant-gravitas/autogpt repository, specifically in the GitHub Integration and Web Search blocks. These vulnerabilities affect version agpt-platform-beta-v0.1.1. The issues arise when block inputs are controlled...

6.5CVSS7.4AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/20 10:11 a.m.5 views

CVE-2024-10457 SSRF Vulnerabilities in significant-gravitas/autogpt

Multiple Server-Side Request Forgery SSRF vulnerabilities were identified in the significant-gravitas/autogpt repository, specifically in the GitHub Integration and Web Search blocks. These vulnerabilities affect version agpt-platform-beta-v0.1.1. The issues arise when block inputs are controlled...

6.5CVSS6.8AI score0.00525EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/20 10:11 a.m.9 views

CVE-2024-10457 SSRF Vulnerabilities in significant-gravitas/autogpt

Multiple Server-Side Request Forgery SSRF vulnerabilities were identified in the significant-gravitas/autogpt repository, specifically in the GitHub Integration and Web Search blocks. These vulnerabilities affect version agpt-platform-beta-v0.1.1. The issues arise when block inputs are controlled...

6.5CVSS0.00525EPSS
Exploits0References2
CVE
CVE
added 2025/03/20 10:11 a.m.50 views

CVE-2024-10457

CVE-2024-10457 describes multiple SSRF vulnerabilities in the significant-gravitas/autogpt project (agpt-platform-beta-v0.1.1). The issues arise when inputs to a set of GitHub integration and web-search blocks are controlled by untrusted sources, enabling requests to internal or attacker-controll...

6.5CVSS7.3AI score0.00525EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.3 views

AutoGPT 代码问题漏洞

AutoGPT is a tool from AutoGPT Open Source. Used to enable everyone to use and build accessible AI. AutoGPT agpt-platform-beta-v0.1.1 version has a code issue vulnerability that stems from multiple SSRF vulnerabilities that could lead to credential disclosure and internal network scanning...

6.5CVSS6.7AI score0.00525EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/07 2:36 a.m.9 views

CVE-2025-27669

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Network Scanning XSPA/DoS OVE-20230524-0013...

7.5CVSS7.2AI score0.00503EPSS
Exploits0References1
NVD
NVD
added 2025/03/05 6:15 a.m.4 views

CVE-2025-27669

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Network Scanning XSPA/DoS OVE-20230524-0013...

7.5CVSS0.00503EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/05 12:0 a.m.4 views

CVE-2025-27669

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Network Scanning XSPA/DoS OVE-20230524-0013...

7.3AI score0.00503EPSS
Exploits0References1
CVE
CVE
added 2025/03/05 12:0 a.m.59 views

CVE-2025-27669

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843, Application 20.0.1923, is affected by CVE-2025-27669 which allows Remote Network Scanning (XSPA) and leads to a Denial of Service. The public description and Red Hat/CNNVD entries confirm affected versions and the nature...

7.5CVSS7.3AI score0.00503EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2025/03/05 12:0 a.m.11 views

CVE-2025-27669

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Network Scanning XSPA/DoS OVE-20230524-0013...

0.00503EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/02/26 10:53 a.m.17 views

CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries

The Computer Emergency Response Team of Ukraine CERT-UA on Tuesday warned of renewed activity from an organized criminal group it tracks as UAC-0173 that involves infecting computers with a remote access trojan named DCRat aka DarkCrystal RAT. The Ukrainian cybersecurity authority said it observe...

6.5CVSS7AI score0.1337EPSS
Exploits1
Rows per page
Query Builder